|
-
Stop Tamperdata?Flash->PHP Question
Ok so just to start out - I am a PHP developer, not a flash developer.
Basic info:
Site type: Virtual Petsite
Userbase: 72,000+
Games: Already made w/ working sendscore
Problem: The game's sent score can be tampered with the Firefox plugin "Tamper Data". All they do is Start Scan, hit send score, and hit tamper and "POST_DATA" comes up with "onLoad=%5Btype%20Function%5D&gamename=GAMENAME&th 35j=SCORE"
Now, is there anyway I can stop this from being edited(how can I hide the score or what can I do to stop POST_DATA from showing). I see people suggesting XML but would that help? Code examples would be cool but a great explanation would be better.
So? How do YOU send your data to avoid Tamperdata?
Thanks in advance,
Jacob
-
You can't avoid packets being viewed/forged.
Just encrypt the data before you send it, verify as much as possible server side etc.
The greatest pleasure in life is doing what people say you cannot do.
- Walter Bagehot
The height of cleverness is to be able to conceal it.
- Francois de La Rochefoucauld
-
Senior Member
Mike has posted several long articles about the problem and how to make it more secure here:
http://mikegrundvig.blogspot.com/
-
Senior Member
Ah you beat me to it tonypa! I was just on his site getting the links to post.
-
Thankyou! that was the link i was looking for, if anyone else has any resources please share.
-
Senior Member
Just search this games board with keywords "highscore" and "security" and you can find many threads about it. But I think Mike has explained it all very well in his blog.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|
Reply With Quote